🚨 Critical Security Alert! GitLab issues patches for CVE-2023-5009, a flaw allowing attackers to run pipelines as other users.

Protect your code—update now: https://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html

🛡️ Signal messaging app's latest update adds a quantum-resistant shield. Learn how the PQXDH protocol boosts encryption against future quantum threats.

Details here: https://thehackernews.com/2023/09/signal-messenger-introduces-pqxdh.html

🚨 Alert: Chinese-language speakers under attack!

Multiple email phishing campaigns are distributing dangerous malware, including ValleyRAT.

Read: http://thehackernews.com/2023/09/sophisticated-phishing-campaign_20.html

Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys.

Read: https://thehackernews.com/2023/09/fresh-wave-of-malicious-npm-packages.html

Attention IT admins! Update Nagios XI to version 5.11.2 now. The network monitoring software has patched four critical security flaws (CVE-2023-40931 to CVE-2023-40934), protecting against privilege escalation and information disclosure.

Read: https://thehackernews.com/2023/09/critical-security-flaws-exposed-in.html

🚨 Beware of Fake Exploits! A malicious actor tried to trick users with a fake WinRAR PoC exploit on GitHub, aiming to infect them with VenomRAT malware.

Learn more: https://thehackernews.com/2023/09/beware-fake-exploit-for-winrar.html

⚠️ Attention Linux users who downloaded the "Free Download Manager" software between 2020 and 2022:

Its website was breached in 2020, and a Ukrainian hacker group distributed malware.

Learn about the incident: https://thehackernews.com/2023/09/ukrainian-hacker-suspected-to-be-behind.html

Gold Melody, the financially motivated cybercrime group, is selling access to compromised organizations for ransomware attacks.

Researchers have revealed their tactics and targets: https://thehackernews.com/2023/09/cyber-group-gold-melody-selling.html

🚨 China's Ministry of State Security accuses the U.S. of cyber espionage against Huawei servers since 2009.

Read: https://thehackernews.com/2023/09/china-accuses-us-of-decade-long-cyber.html

🚨 P2PInfect Worm Alert : P2PInfect malware activity skyrockets 600x in a week. Researchers shed light on its rapid growth and evolving tactics.

Read: https://thehackernews.com/2023/09/researchers-raise-red-flag-on-p2pinfect.html

Sandman, a new cyber threat actor, is targeting telecom providers across continents. Read more about this cyber espionage campaign.

Read: https://thehackernews.com/2023/09/mysterious-sandman-threat-actor-targets.html

🚨 Attention users! Apple issues patches for 3 new critical zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari. Stay safe with the latest updates for your devices.

Read details: https://thehackernews.com/2023/09/apple-rushes-to-patch-3-new-zero-day.html

🚨 Security Alert! Atlassian and ISC uncover critical flaws in their products that could lead to DoS and remote code execution attacks.

Read and patch now: https://thehackernews.com/2023/09/high-severity-flaws-uncovered-in.html

OilRig, Iran's state-backed actor, aims at Israeli entities with spear-phishing tactics. Learn about the Outer Space and Juicy Mix campaigns.

Read: https://thehackernews.com/2023/09/iranian-nation-state-actor-oilrig.html

Ever wondered how MITRE Engenuity evaluates cybersecurity vendors?

Discover how to interpret MITRE ATT&CK Evaluation results and find the perfect security fit for your organization.

Read: https://thehackernews.com/2023/09/how-to-interpret-2023-mitre-att.html

💰🔐 Beware Latin America! BBTok banking trojan strikes Brazil & Mexico. Crafty phishing emails, unique payloads, and a sneaky approach put users at risk.

Learn how to shield your finances from this stealthy attacker: https://thehackernews.com/2023/09/new-variant-of-banking-trojan-bbtok.html

🚨 ALERT: iPhone spyware attack!

Former Egyptian parliament member Ahmed Eltantawy targeted by Predator spyware using 3 recent zero-day vulnerabilities.

Learn more: https://thehackernews.com/2023/09/latest-apple-zero-days-used-to-hack.html

Researchers uncovered a new advanced backdoor, 'Deadglyph,' by Stealth Falcon hackers, which combines two languages for cyber espionage.

Read: https://thehackernews.com/2023/09/deadglyph-new-advanced-backdoor-with.html

Espionage Alert: Southeast Asian government targeted by China-nexus threat actors. A three-part report by Palo Alto Networks reveals distinct clusters and sophisticated tactics.

Read more ➡️ https://thehackernews.com/2023/09/new-report-uncovers-three-distinct.html

EvilBamboo tactics exposed: Targets sensitive data from Tibetan, Uyghur, and Taiwanese organizations. Utilizes fake websites and social media for deploying exploits.

Read details: https://thehackernews.com/2023/09/from-watering-hole-to-spyware.html